Send Netdot-devel mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://osl.uoregon.edu/mailman/listinfo/netdot-devel
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Netdot-devel digest..."
Today's Topics:
1. [Netdot - Feature #1759] (New) Updating DNS SOA externally
([email protected])
2. [Netdot - Feature #1759] Updating DNS SOA externally
([email protected])
----------------------------------------------------------------------
Message: 1
Date: Wed, 29 May 2013 15:05:58 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Feature #1759] (New) Updating DNS
SOA externally
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1759 has been reported by Andy Linton.
----------------------------------------
Feature #1759: Updating DNS SOA externally
https://osl.uoregon.edu/redmine/issues/1759
Author: Andy Linton
Status: New
Priority: Normal
Assignee:
Category:
Target version:
Resolution:
I've got a zone I'm managing with Netdot. When changes are made to the zone I
can either export the new file manually or wait until a cron job does its
magic. Then I need an external process to reload that file's data into my
nameserver software (NSD). I'm also DNSSEC signing the zone.
My external process takes care of adding any extra info I need for DNSSEC and
the actual signing before I reload. All this works fine but when it comes time
for the DNSSEC key rollover I believe I have an issue. I can create new keys
and sign the zone with them but that means the zone has changed and so the SOA
serial needs updated to reflect that. The choices seem to be:
# I can update the serial externally but then it will be out of sync with the
Netdot version.
# I can log into Netdot and force a change of the serial, export and then
re-sign the zone.
# Trigger an update of the SOA serial in Netdot using some external mechanism,
re-export and then re-sign the zone.
It's not clear how I do option 3) which is my preferred option!
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 2
Date: Wed, 29 May 2013 15:35:35 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Feature #1759] Updating DNS SOA
externally
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1759 has been updated by Andy Linton.
Formulating the question helps provide the answer - if I force the exporter.pl
script to export the file it updates the serial!
e.g. sudo bin/exporter.pl -t BIND -z lpnz.org -f
----------------------------------------
Feature #1759: Updating DNS SOA externally
https://osl.uoregon.edu/redmine/issues/1759#change-3079
Author: Andy Linton
Status: New
Priority: Normal
Assignee:
Category:
Target version:
Resolution:
I've got a zone I'm managing with Netdot. When changes are made to the zone I
can either export the new file manually or wait until a cron job does its
magic. Then I need an external process to reload that file's data into my
nameserver software (NSD). I'm also DNSSEC signing the zone.
My external process takes care of adding any extra info I need for DNSSEC and
the actual signing before I reload. All this works fine but when it comes time
for the DNSSEC key rollover I believe I have an issue. I can create new keys
and sign the zone with them but that means the zone has changed and so the SOA
serial needs updated to reflect that. The choices seem to be:
# I can update the serial externally but then it will be out of sync with the
Netdot version.
# I can log into Netdot and force a change of the serial, export and then
re-sign the zone.
# Trigger an update of the SOA serial in Netdot using some external mechanism,
re-export and then re-sign the zone.
It's not clear how I do option 3) which is my preferred option!
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
_______________________________________________
Netdot-devel mailing list
[email protected]
https://osl.uoregon.edu/mailman/listinfo/netdot-devel
End of Netdot-devel Digest, Vol 74, Issue 14
********************************************
